Empathy List Archives

websecurity@lists.webappsec.org

The Web Security Mailing List

View all threads

Re: [WEB SECURITY] OWASP Zed Attack Proxy 2.0.0

psiinon

Fri, Feb 22, 2013 1:58 PM

Glad you like it :)

Cheers,

Simon

On Fri, Feb 22, 2013 at 3:34 AM, Nguoi Tam Ky nguoitamky@gmail.com wrote:

Thank you, ZED is a wonderfull tool :) I love it

On Wed, Jan 30, 2013 at 10:54 PM, psiinon psiinon@gmail.com wrote:

Hi folks,

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web
applications.

It is designed to be used by people with a wide range of security
experience and as such is ideal for developers and functional testers
who are new to penetration testing as well as being a useful addition
to an experienced pen testers toolbox.

OWASP ZAP 2.0.0 is now available :
http://code.google.com/p/zaproxy/downloads/list

Quick summary of the main changes:

An integrated add-ons marketplace
A replacement for the 'standard' Spider
A new 'Ajax' spider
Web Socket support
Session awareness
Quick Start tab
User defined Contexts
Session scope
Different modes
A scripting console
Authentication handling
More API support
Fine grained scanning controls
New and improved active and passive scanning rules

For more details see the OWASP Blog post:
http://owasp.blogspot.com/2013/01/owasp-zed-attack-proxy-v-200.html

Many thanks to everyone who has contributed code, language files,
enhancement requests, bug reports and general feedback.

Simon

--
OWASP ZAP Project leader

This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require a
full practical examination in order to become certified.

http://www.iacertification.org

--
OWASP ZAP https://www.owasp.org/index.php/ZAP Project leader

Glad you like it :) Cheers, Simon On Fri, Feb 22, 2013 at 3:34 AM, Nguoi Tam Ky <nguoitamky@gmail.com> wrote: > Thank you, ZED is a wonderfull tool :) I love it > > > On Wed, Jan 30, 2013 at 10:54 PM, psiinon <psiinon@gmail.com> wrote: > >> Hi folks, >> >> The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated >> penetration testing tool for finding vulnerabilities in web >> applications. >> >> It is designed to be used by people with a wide range of security >> experience and as such is ideal for developers and functional testers >> who are new to penetration testing as well as being a useful addition >> to an experienced pen testers toolbox. >> >> OWASP ZAP 2.0.0 is now available : >> http://code.google.com/p/zaproxy/downloads/list >> >> Quick summary of the main changes: >> * An integrated add-ons marketplace >> * A replacement for the 'standard' Spider >> * A new 'Ajax' spider >> * Web Socket support >> * Session awareness >> * Quick Start tab >> * User defined Contexts >> * Session scope >> * Different modes >> * A scripting console >> * Authentication handling >> * More API support >> * Fine grained scanning controls >> * New and improved active and passive scanning rules >> >> For more details see the OWASP Blog post: >> http://owasp.blogspot.com/2013/01/owasp-zed-attack-proxy-v-200.html >> >> Many thanks to everyone who has contributed code, language files, >> enhancement requests, bug reports and general feedback. >> >> Simon >> >> -- >> OWASP ZAP Project leader >> >> ------------------------------------------------------------------------ >> This list is sponsored by: Information Assurance Certification Review >> Board >> >> Prove to peers and potential employers without a doubt that you can >> actually do a proper penetration test. IACRB CPT and CEPT certs require a >> full practical examination in order to become certified. >> >> http://www.iacertification.org >> ------------------------------------------------------------------------ >> >> > -- OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader